[Openswan Users] NSS and openswan 2.6.25

Paul Wouters paul at xelerance.com
Mon May 24 11:27:08 EDT 2010

On Mon, 24 May 2010, Avesh Agarwal wrote:

>> 003 "/etc/ipsec.d/ipsec.secrets" line 2: NSS certificate not found
> Are you using NSS sql database format? It can be checked if you have
> cert9.db and key4.db in your /etc/ipsec.d dir. If so, please export
> environment variable NSS_DEFAULT_DB_TYPE="sql" or ( export
> NSS_DEFAULT_DB_TYPE="sql") . The reason is that the latest Openswan
> releases have been changed to old NSS database format by default.

Because specifying "sql" in the file name caused problems on RHEL because
it does not support sql.

What we really need is support to specift the filename/type of the NSS db.


More information about the Users mailing list